The npm community forum has been discontinued.
To discuss usage of npm, visit the GitHub Support Community.
Audit before installing packages
Is there any way to find out the
audit for a package without installing it? It seems strange to me that I have to download (and by that, already executing possibly harmful scripts) before I can check if the packages is actually “trusted” (meaning: no audit results).
I imagine there should be some method to check the audit for a package before installing it, to make sure I don’t install a malicious package, but I can’t find any?